daniboy92 Posted August 7, 2014 Share Posted August 7, 2014 (edited) Hi, I'm a little more near from my goal... Now i can spoof all webs, no matter if it's ssl or not... Or if they are previously hard cached (that webs i mean). Now, my question is: how can i get all emails and passwords from dnsspoof? I edit the hmtl from facebook.com that i have stored and i can see all emails and passwords from victim, but other webs that actually i'm spoofing, when i fill email and passwords it doesn't show in /tmp/pineapple-phish.log... Only works with facebook.com because i modify from this tutorial (go to 3:55 in the video to see that modifications...)For example, i want to spoof paypal.com: turn on dnsspoof, victim connects to my AP... He goes to paypal.com, put his email and password... But, i can't see it in my pineapple-phish.log... How can we get the email and passwords? This is my questions. Actually i only see this fields with facebook.com... Sorry for bad english. Regards. Edited August 7, 2014 by daniboy92 Quote Link to comment Share on other sites More sharing options...
cooper Posted August 7, 2014 Share Posted August 7, 2014 The process is probably quite similar. The problem you have is that there's probably some javascript on the page which in some way modifies the user input prior to submission. As a result, you're lucky to see gibberish, if that. So, do everything like with the facebook site only now for your alternate target site, find the HTML form on the page that you're interested in, change the action, find the input fields and rename them and you should be golden. Quote Link to comment Share on other sites More sharing options...
daniboy92 Posted August 8, 2014 Author Share Posted August 8, 2014 That's the question... I'm trying to find that code but I can't, simply I was looking for it but I can't see it... Any clue to get websites doesn't hide email and passwords? Quote Link to comment Share on other sites More sharing options...
Foxtrot Posted August 8, 2014 Share Posted August 8, 2014 (edited) I don't mean to be that guy but I think if you cant edit a form like Cooper suggests you probably shouldn't be trying to spoof PayPal and Facebook Edited August 8, 2014 by Foxtrot Quote Link to comment Share on other sites More sharing options...
daniboy92 Posted August 8, 2014 Author Share Posted August 8, 2014 I don't mean to be that guy but I think if you cant edit a form like Cooper suggests you probably shouldn't be trying to spoof PayPal and Facebook Yes, yes.. I know, but i'm here to learn, that's why i ask to people who can give me ideas... I'm not a professional, i'm a newbie triying to learn something. Thanks for your answer. Quote Link to comment Share on other sites More sharing options...
Smarty Posted August 8, 2014 Share Posted August 8, 2014 (edited) You need to look for the POST action that the actual form is doing. Just like in the turorial. Look for the input fields and the name that these values are given and change the form field names to user and pass like you did in the facebook tutorial. Only when the form fields are named "user" and " pass" will they show up in the logfile. Offcourse the post action will have to be changed to error.php aswell.... Its all the same as the facebook tutorial.. Open the index.html from the website you want to change ans search for the like that says POST and post ACtIOn and form. If i cant post this info then admins plz remove this post! Edited August 8, 2014 by Smarty Quote Link to comment Share on other sites More sharing options...
daniboy92 Posted August 8, 2014 Author Share Posted August 8, 2014 (edited) Thanks all! Yes, that was what i tried, looking into the html code. I get post-login action redirects to error.php, all I need is modify that fields... Actually I locate it, I proof changing it but it doesn't show in log... I need to try some different variables in these fields... I'll post the results. If anyone can give me more details about that words I need... It will be awesome. Edited August 8, 2014 by daniboy92 Quote Link to comment Share on other sites More sharing options...
Smarty Posted August 8, 2014 Share Posted August 8, 2014 (edited) This is an example login form : <!DOCTYPE html> <!--[if lt IE 7]> <html class="lt-ie9 lt-ie8 lt-ie7" lang="en"> <![endif]--> <!--[if IE 7]> <html class="lt-ie9 lt-ie8" lang="en"> <![endif]--> <!--[if IE 8]> <html class="lt-ie9" lang="en"> <![endif]--> <!--[if gt IE 8]><!--> <html lang="en"> <!--<![endif]--> <head> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"> <title>Login Form</title> <link rel="stylesheet" href="css/style.css"> <!--[if lt IE 9]><script src="//html5shim.googlecode.com/svn/trunk/html5.js"></script><![endif]--> </head> <body> <section class="container"> <div class="login"> <h1>Login to Web App</h1> <form method="post" action="index.html"> <p><input type="text" name="login" value="" placeholder="Username or Email"></p> <p><input type="password" name="password" value="" placeholder="Password"></p> <p class="remember_me"> <label> <input type="checkbox" name="remember_me" id="remember_me"> Remember me on this computer </label> </p> <p class="submit"><input type="submit" name="commit" value="Login"></p> </form> </div> So the post actions needs to be redirected to in your case error.php. Then you need to find the fields you want to be redirected, or captured.. So the input fields in the login form... <p><input type="text" name="login" value="" placeholder="Username or Email"></p> <p><input type="password" name="password" value="" placeholder="Password"></p> In this example it would be these 2.... First one is the username.. 2nd the password... Look at the name= values.. If you want error.php to recognize it as a username and passwords and be passed to your log these fields need to be called user and pass..... So name="user" and name="pass" Edited August 8, 2014 by Smarty Quote Link to comment Share on other sites More sharing options...
daniboy92 Posted August 8, 2014 Author Share Posted August 8, 2014 Wow Smarty, that's amazing man! Thanks for sharing this with me. I will try this now! Quote Link to comment Share on other sites More sharing options...
Smarty Posted August 8, 2014 Share Posted August 8, 2014 Shure, no problem. Just Don't be evil with this sort of stuff and have fun! Quote Link to comment Share on other sites More sharing options...
daniboy92 Posted August 8, 2014 Author Share Posted August 8, 2014 Just broke my MicroSD... F*ck shit of MicroSD :@ I'll replace it tomorrow... ¬¬ Quote Link to comment Share on other sites More sharing options...
daniboy92 Posted August 11, 2014 Author Share Posted August 11, 2014 I proving it now and this is awesome! It works perfectly, thanks @Smarty for your help and your ideas! Now i can spoof any web what i want! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.